Démêler les transactions Wasabi Coinjoin: Une plongée profonde dans les affirmations de désanonymisation de Chainalysis

BK, journalist Laura Shin published a story that claims to identify the 2016 Genesis DAO hacker who siphoned 3.6 million ethereum from the decentralized autonomous organization. While the story surprised the crypto community, one of the biggest eye-openers was the blockchain analysis methods leveraged, and the claim that Chainalysis allegedlyde-mixedWasabi transactions.

Contenu

Community Shocked by ChainalysisDe-MixingWasabi Transactions, Samourai Wallet Criticizes Wasabis Coinjoin Scheme

An article published by the journalist Laura Shin has révélé a so-called shocker about the use of Coinjoin transactions. Spécifiquement, Shins report highlighted how she used apowerful and previously secret forensics tool from crypto tracing firm Chainalysis.According to the report, Chainalysis discovered the attacker sent 50 bitcoin to a Wasabi wallet, and the blockchain intelligence firm was reportedly able tode-mixthe transactions. This piece of information was unexpected to a great number of crypto supporters. After the article was published, bitcoin advocate Nic Carter a écrit:

Lots of crazy stuff in the DAO hacker piece this am, but the part that stood out to me was Chainalysis being able to demix Wasabi [transactions].

en outre, the team behind the Samourai wallet criticized Wasabis mixing scheme on Tuesday as well. Wasabi has been under fire in the past over privacy concerns and the team has been debating Samourai developers over the issue for years.

En juillet 16, 2019, Wasabi tweeté that it donated funds to the Tor project and left the transaction ID in the tweet. Crypto developer Keonne Rodriguez replied to Wasabis tweet and claimed to deanonymize the transfer.

Input:1 comes from [the previous transaction] to Wirex in the amount of 4BTC in which 38 inputs from Wasabi mixes were merged,” Rodriguez mentionné at the time. “Since Wirex uses 1 static address and doesnt refresh them we know that the total amount sent to this Wirex account is 6 BTC (nice job).” The software engineer continued:

Input:0 comes from a prev mix with 31% de [transactions] seen together (this is actually a fairly low number for Wasabi, nice job), and a few obvious deterministic links. About 30 of the outputs have been clustered by OXT, and I suppose I can go and cluster more with a more powerful PC.

Samourai Sends Wasabi anImmediate Private Disclosure’ dans 2019, Wasabi Wallet Founder Stressed Samourais Claims WereInflated

En août 19, 2020, the Samourai wallet team published a article de blog that claimed to find two potential privacy vulnerabilities with Wasabis mixing scheme. Samourai detailed it discovered this information while researching the infamous Twitter hack that took place that summer. According to the wallet developers, they made animmediate private disclosureto the Wasabi team concerning the issues.

The intention of this statement is to provide enough time for Wasabi Wallet users to seriously consider pausing usage of the Coinjoin aspect of the Wasabi software, if users wish to continue making use of this feature they should consider their reported anonset is *at best* equal to the anon-set of the last mix that generated the UTXO,” Samourai wrote at the time. toutefois, Adam Fisor, the founder of Wasabi wallet, claimed at the time that Samourais claims wereinflated.

They claimed Wasabi is broken because of the lack of randomness in coin selection for Coinjoins,” Ficsor said in an interview published the day after Samourais vulnerability report. “More specifically, they tried to show that if an adversary knows all the UTXOs in a wallet, then it can tell which coin will be mixed next time. This is pointless as the only entity who knows the UTXOs in a wallet is the user itself. Then they moved on to building more and more on this false premise, repeating their conclusion over and over again, and thats the rest of the technical part of the letter.Ficsor added:

The community knows their claims are inflated and in their latest attempt they seek more credibility by trying to get us to play along with their nonsense by writing us a blackmail letter that has all the social engineering tricks in it, like setting deadlines to create a sense of urgency, repeating their false conclusions over and over again, and presenting the possible options that we have and explaining the consequences of us not playing along to create a sense of fear.

Amir Taaki Calls Coinjoin SchemesAbsolute Garbage,’ Gavin Andresen Wouldnt Be Surprised if ‘85% of Tornado Cash Usage Was Not Private

In addition to Wasabi, les Coinjoin mixing scheme itself has been criticized for leaking specifics about the mixing participants. Essentiellement, Coinjoin is an anonymization scheme first proposed by the developer Gregory Maxwell and it allows participants to combine multiple payments into a single transaction in order to obfuscate the transaction process. Ce’s true that Coinjoin offers a deeper anonymity set, but if a user mixes a bunch of coins and eventually consolidates them into one address, it can still leave behind some traces to the original owner.

This issue has been known for quite some time and many developers have explained the downfalls of the deanonymization procedure. En juillet 2020, the crypto developer and activist Amir Taaki told the public that UTXO mixing concepts like Coinjoin wereabsolute garbage.Taaki is well known for developing the privacy wallet Dark Wallet, an unfinished Coinjoin wallet protocol he developed with Defense Distributeds Cody Wilson. Taaki also claimed that the privacy-centric coin monero (XMR) and concepts like Mimblewimble were not that great.

en outre, the former Bitcoin Core developer Gavin Andresen has called out issues with Coinjoin schemes in the past as well. In a article de blog published in January 2020, Andresen discussed the ethereum (ETH) mixing tool called Tornade Cash. Interestingly, Andresen wrote that he wouldnt be surprised if a paper came out in 2023 that shows “85% of tornado usage was not private.Andresens blog post adds:

Not because the cryptography is broken, but because it is really hard for mere mortals to use something like Tornado (or Coinjoin or other similar technologies) in a way that doesnt leak information about their wallet.

Entre-temps, speaking with theblockcrypto.coms Yogita Khatri and Tim Copeland, Chainalysis told the reporters thatLauras report about our role in her investigation is accurate.The reporters also spoke with the Chainalysis competitor Elliptic and co-founder Tom Robinson stated thatElliptic can also demix Wasabi transactions in some circumstances.

What do you think about the claims showing Chainalysis de-mixed Wasabi transactions and the claims against Wasabis mixing scheme in the past? Faites-nous savoir ce que vous pensez de ce sujet dans la section commentaires ci-dessous.